Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/KkbGhXnxDOwOgcIeydGC2hpkf8E.roa
File: KkbGhXnxDOwOgcIeydGC2hpkf8E.roa (raw, json)
Hash identifier: 6dFnNq6EENYdcVACloGaIm1NL1+K8MORgDDKN371QtY=
Subject key identifier: 2A:46:C6:85:79:F1:0C:EC:0E:81:C2:1E:C9:D1:82:DA:1A:64:7F:C1
Certificate issuer: /CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Certificate serial: 018CFCDBED81EA1656FD72400A8BB75419B9
Authority key identifier: FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/KkbGhXnxDOwOgcIeydGC2hpkf8E.roa
Signing time: Fri 12 Jan 2024 08:48:40 +0000
ROA not before: Fri 12 Jan 2024 08:48:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 192.40.78.0/24 maxlen: 24
192.40.79.0/24 maxlen: 24
2a06:f044::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 17:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fc:db:ed:81:ea:16:56:fd:72:40:0a:8b:b7:54:19:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb1a810e3ab1964b44ecb3778340b266dbda1126
Validity
Not Before: Jan 12 08:48:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a46c68579f10cec0e81c21ec9d182da1a647fc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:38:45:90:ba:1c:cb:ac:3d:7d:ec:0f:c7:9c:
4f:0e:6e:6e:92:dc:ad:74:9b:68:72:c0:36:ec:65:
02:d0:a1:86:74:25:2e:cb:6e:62:5a:04:69:5d:f9:
d5:29:04:4e:4a:d9:f7:97:d5:45:d6:4a:20:d9:e3:
0a:c8:0d:b9:a5:ba:17:74:86:cd:23:8f:82:11:28:
7a:f9:20:22:85:66:b9:e1:c2:1a:37:af:f4:05:8d:
f2:41:28:06:1d:69:07:d6:93:db:d7:c7:8a:ae:cf:
06:77:7e:d7:7f:e9:6f:fd:76:d2:57:10:c1:8a:78:
63:02:88:dc:d4:36:48:fb:ed:1a:8a:53:75:2d:a1:
ec:73:92:11:a1:b8:be:64:2a:9f:d6:64:2c:f9:b5:
d0:e5:6a:f5:fb:7a:1a:72:9a:c9:4d:00:8d:de:02:
41:99:08:ec:65:d6:15:d3:7e:92:61:e1:06:41:ff:
5a:0f:6b:e3:85:28:15:c7:f1:4a:b7:a9:c5:50:b1:
18:ac:d6:61:b0:1e:b9:fc:09:9c:c2:96:89:19:74:
c8:ae:37:76:ae:92:5c:79:99:d2:99:9a:af:63:05:
25:3a:d5:e6:9b:e9:c5:72:f3:32:ec:cc:21:32:19:
f0:b6:8b:76:c9:20:e2:82:eb:d4:fe:53:ca:5c:76:
d6:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:46:C6:85:79:F1:0C:EC:0E:81:C2:1E:C9:D1:82:DA:1A:64:7F:C1
X509v3 Authority Key Identifier:
keyid:FB:1A:81:0E:3A:B1:96:4B:44:EC:B3:77:83:40:B2:66:DB:DA:11:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xqBDjqxlktE7LN3g0CyZtvaESY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/KkbGhXnxDOwOgcIeydGC2hpkf8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9d606e-08a6-4f4a-b980-b5abf440e893/1/1-xqBDjqxlktE7LN3g0CyZtvaESY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.40.78.0/23
IPv6:
2a06:f044::/48
Signature Algorithm: sha256WithRSAEncryption
8a:92:25:5a:40:f6:b5:79:d7:48:78:1d:43:57:e0:80:48:78:
1d:6a:8b:91:ef:94:cb:04:67:13:68:fb:c5:cf:69:c0:22:e1:
61:1e:48:82:f9:13:07:b2:e4:47:4c:62:4c:3c:77:6e:d6:c7:
39:87:d2:c5:cc:84:8c:93:31:1f:0e:78:a4:8e:52:b3:d5:ac:
8f:0a:99:40:92:35:e8:4d:46:94:b5:11:4c:a3:d6:3f:af:dd:
4b:9a:0b:f5:0b:9c:28:02:c2:12:eb:c7:a4:98:83:04:6a:2c:
59:48:f5:b7:67:cf:f8:31:93:d4:c7:0c:e0:29:92:fc:93:28:
c4:8c:46:39:9a:84:f9:7e:4d:69:37:a0:e3:d2:db:4c:f9:15:
e8:02:7a:66:fe:46:77:0c:ce:25:d0:45:76:e2:85:6c:4c:fe:
9d:35:55:fc:60:57:d9:57:d4:4a:43:a1:8c:2f:f8:ac:31:ea:
1e:94:6c:49:3c:66:25:2b:10:0b:69:71:20:fa:4a:dd:ed:3f:
a4:63:ac:e6:49:c9:c0:b0:dd:f3:49:84:a3:1e:db:9b:36:a8:
72:62:15:b1:ce:a7:ef:e9:2d:29:1b:e4:81:90:36:69:86:2e:
d1:46:68:1a:6b:a8:8f:a9:07:0d:6e:87:8a:3d:84:63:81:5e:
a9:4f:2d:4e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYz82+2B6hZW/XJACou3VBm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMWE4MTBlM2FiMTk2NGI0NGVjYjM3NzgzNDBiMjY2ZGJk
YTExMjYwHhcNMjQwMTEyMDg0ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ2YzY4NTc5ZjEwY2VjMGU4MWMyMWVjOWQxODJkYTFhNjQ3ZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlThFkLocy6w9fewPx5xPDm5uktyt
dJtocsA27GUC0KGGdCUuy25iWgRpXfnVKQROStn3l9VF1kog2eMKyA25pboXdIbN
I4+CESh6+SAihWa54cIaN6/0BY3yQSgGHWkH1pPb18eKrs8Gd37Xf+lv/XbSVxDB
inhjAojc1DZI++0ailN1LaHsc5IRobi+ZCqf1mQs+bXQ5Wr1+3oacprJTQCN3gJB
mQjsZdYV036SYeEGQf9aD2vjhSgVx/FKt6nFULEYrNZhsB65/AmcwpaJGXTIrjd2
rpJceZnSmZqvYwUlOtXmm+nFcvMy7MwhMhnwtot2ySDiguvU/lPKXHbWiQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFCpGxoV58QzsDoHCHsnRgtoaZH/BMB8GA1UdIwQY
MBaAFPsagQ46sZZLROyzd4NAsmbb2hEmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14cUJEanF4bGt0RTdMTjNnMEN5WnR2YUVTWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgw
LWI1YWJmNDQwZTg5My8xL0trYkdoWG54RE93T2djSWV5ZEdDMmhwa2Y4RS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzAvOWQ2MDZlLTA4YTYtNGY0YS1iOTgwLWI1YWJmNDQwZTg5
My8xLzEteHFCRGpxeGxrdEU3TE4zZzBDeVp0dmFFU1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAHAKE4w
DwQCAAIwCQMHACoG8EQAADANBgkqhkiG9w0BAQsFAAOCAQEAipIlWkD2tXnXSHgd
Q1fggEh4HWqLke+UywRnE2j7xc9pwCLhYR5IgvkTB7LkR0xiTDx3btbHOYfSxcyE
jJMxHw54pI5Ss9WsjwqZQJI16E1GlLURTKPWP6/dS5oL9QucKALCEuvHpJiDBGos
WUj1t2fP+DGT1McM4CmS/JMoxIxGOZqE+X5NaTeg49LbTPkV6AJ6Zv5GdwzOJdBF
duKFbEz+nTVV/GBX2VfUSkOhjC/4rDHqHpRsSTxmJSsQC2lxIPpK3e0/pGOs5knJ
wLDd80mEox7bmzaocmIVsc6n7+ktKRvkgZA2aYYu0UZoGmuoj6kHDW6Hij2EY4Fe
qU8tTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org